[NA]Firewall services[NA]

Discussion in 'Technical Corner' started by Let'sgoflying!, Mar 27, 2019.

  1. Let'sgoflying!

    Let'sgoflying! Touchdown! Greaser! PoA Supporter

    Joined:
    Feb 23, 2005
    Messages:
    16,744
    Location:
    west Texas
    Display Name:

    Display name:
    Dave Taylor
    Small business
    Server & 4-5 workstations
    Credit card chip reader
    Wifi throughout; password protected.
    Bitdefender installed on all.
    SonicWall Firewall
    I am told we need a$650/3yr service to maintain firewall security through SonicWall.
    Mainly as a requirement for the credit card processor.

    Opinions as to the true need, or price?
     
  2. RJM62

    RJM62 Touchdown! Greaser!

    Joined:
    Jun 15, 2007
    Messages:
    12,473
    Location:
    Catskill Mountains, New York
    Display Name:

    Display name:
    Geek On The Hill
    If that's what your processor requires, then unfortunately, you really don't have much choice in the matter. I haven't dealt with them in years, but the last time I did, they seemed on the ball.

    Rich
     
  3. Let'sgoflying!

    Let'sgoflying! Touchdown! Greaser! PoA Supporter

    Joined:
    Feb 23, 2005
    Messages:
    16,744
    Location:
    west Texas
    Display Name:

    Display name:
    Dave Taylor
    Is it Belt and Suspenders?
    (not that excessiveness in the area of security is a bad thing)
    Oh well, gives us two companies to blame if the credit card numbers get out or ransomware in!
     
  4. SCCutler

    SCCutler Administrator Management Council Member PoA Supporter

    Joined:
    Feb 27, 2005
    Messages:
    16,626
    Location:
    Dallas
    Display Name:

    Display name:
    Spike Cutler
    SonicWall, properly configured, is pretty solid.

    If you ever need it, once, you'll have paid for it 100 times over.

    But see what Rich suggests - I trust his counsel.
     
    RJM62 likes this.
  5. John221us

    John221us En-Route

    Joined:
    Jan 5, 2012
    Messages:
    4,255
    Location:
    Rocklin, CA
    Display Name:

    Display name:
    John
    Is the $650 just for annual support (phone support and hardware replacement) or are you subscribing to any add-on services, such as malware protection or web filtering? PCI compliance can be a pain and a bit arbitrary (when it comes to small business compliance). I know for some hospitality businesses, such as hotels, they have cracked down and require separate networks and centralized logging for the credit card stuff.
     
  6. Heftiger

    Heftiger Pre-takeoff checklist

    Joined:
    Nov 13, 2013
    Messages:
    260
    Display Name:

    Display name:
    Heftiger
    If your firewall croaks you’re down for a while. It’s nice to have somebody to call...
     
  7. Let'sgoflying!

    Let'sgoflying! Touchdown! Greaser! PoA Supporter

    Joined:
    Feb 23, 2005
    Messages:
    16,744
    Location:
    west Texas
    Display Name:

    Display name:
    Dave Taylor
    Description
    [​IMG] SonicWall Comprehensive Gateway Security Suite Bundle - SonicWALL TZ300 Network Security Firewall - Subscription License 1 Appliance - 3 Year License Validation Period

    looks like software only.
    not support or hardware protection.
     
  8. John221us

    John221us En-Route

    Joined:
    Jan 5, 2012
    Messages:
    4,255
    Location:
    Rocklin, CA
    Display Name:

    Display name:
    John
    Yes, it is the latter one I mentioned. Content filtering = web filtering (you block different types of sites, like porn or YouTube), but you need to turn it on. The anti malware stuff kicks if someone clicks on a bad link or something like that. It is actually a good idea to have this.

    SonicWALL Comprehensive Gateway Security Suite includes the following:

    • Gateway Anti-Virus, Anti-Spyware, Intrusion Prevention and Application Intelligence and Control1 Service subscription
    • Content Filtering Service subscription
    • 24x7 Support subscription
     
    Let'sgoflying! likes this.
  9. RJM62

    RJM62 Touchdown! Greaser!

    Joined:
    Jun 15, 2007
    Messages:
    12,473
    Location:
    Catskill Mountains, New York
    Display Name:

    Display name:
    Geek On The Hill
    Virus scanning, firewall blocklist updates, phishing protection, etc. Most if it is stuff available from other sources if one wants to configure a firewall themselves. But having them do it is easier.

    I just have my doubts about whether it's worth the money, considering that all they're really doing is updating master configurations, not sitting there manually updating every device. But I guess if you don't want to do it yourself it is.

    Rich
     
  10. RJM62

    RJM62 Touchdown! Greaser!

    Joined:
    Jun 15, 2007
    Messages:
    12,473
    Location:
    Catskill Mountains, New York
    Display Name:

    Display name:
    Geek On The Hill
    What other security appliance are you using? If you're referring to having both SonicWall and BitDefender, both the gateway firewall and machine-level antivirus are necessary.

    Rich
     
  11. SCCutler

    SCCutler Administrator Management Council Member PoA Supporter

    Joined:
    Feb 27, 2005
    Messages:
    16,626
    Location:
    Dallas
    Display Name:

    Display name:
    Spike Cutler
    "TZ300" is a box that plugs into your network.

    You want to be really entertained, Sonicwall can set up so you can review what Internet content your employees have been looking at, and how much time they have spent in so-doing. Gets fun.
     
  12. Let'sgoflying!

    Let'sgoflying! Touchdown! Greaser! PoA Supporter

    Joined:
    Feb 23, 2005
    Messages:
    16,744
    Location:
    west Texas
    Display Name:

    Display name:
    Dave Taylor
    I have no idea what the definition of an appliance is so cannot answer. Is it the same as a device? A peripheral? The terminology is out of my league.
    I listed in post 1 my general setup if that helps.
     
  13. SCCutler

    SCCutler Administrator Management Council Member PoA Supporter

    Joined:
    Feb 27, 2005
    Messages:
    16,626
    Location:
    Dallas
    Display Name:

    Display name:
    Spike Cutler
    A thingie, a box. Usually, you'll have an "appliance" with two Ethernet ports - one in (from the great unwashed Internet), one out (to your network), and the box has hardware (it's essentially another computer) and software to manage the traffic into your network, watch for harmful content and stop it. https://www.newegg.com/Product/ProductList.aspx?Description=sonicwall tz300&Submit=ENE
     
    RJM62 likes this.
  14. RJM62

    RJM62 Touchdown! Greaser!

    Joined:
    Jun 15, 2007
    Messages:
    12,473
    Location:
    Catskill Mountains, New York
    Display Name:

    Display name:
    Geek On The Hill
    Thanks.

    Rich
     
  15. Let'sgoflying!

    Let'sgoflying! Touchdown! Greaser! PoA Supporter

    Joined:
    Feb 23, 2005
    Messages:
    16,744
    Location:
    west Texas
    Display Name:

    Display name:
    Dave Taylor
    SonicWall is saying the price includes support and hardware.
    Checking with cc processor on need.
     
  16. RJM62

    RJM62 Touchdown! Greaser!

    Joined:
    Jun 15, 2007
    Messages:
    12,473
    Location:
    Catskill Mountains, New York
    Display Name:

    Display name:
    Geek On The Hill
    No offense intended, but if you're not a tech maven (as you claim), you probably should renew it. There's no doubt that they're good devices when managed properly, and the amount of malicious activity going on out there is ponderous.

    Although I've been a member of AbuseIPDB since 2015, I only started reporting all the various hack attempts against my servers about two or three weeks ago. Since then, I've reported more than 42,000 incidents.

    https://www.abuseipdb.com/user/5688

    And mind you, those numbers don't include self-managed client sites that don't have the honeypots installed.

    Your network isn't as exposed because you're not running a Web server. But a lot of these attacks are by robots banging IP addresses without regard for what they're assigned to. So you still need a firewall. If your contract includes hardware coverage as well as the virus scanning, spam scanning, and firewall updates, you may as well keep the one you have.

    Rich
     
    Last edited: Mar 28, 2019
    Let'sgoflying! likes this.
  17. Let'sgoflying!

    Let'sgoflying! Touchdown! Greaser! PoA Supporter

    Joined:
    Feb 23, 2005
    Messages:
    16,744
    Location:
    west Texas
    Display Name:

    Display name:
    Dave Taylor
    That’s what I need to hear.
    There are so many ‘opportunities’ out there to buy stuff that is not needed, stuff which no one else finds necessary.
     
  18. RJM62

    RJM62 Touchdown! Greaser!

    Joined:
    Jun 15, 2007
    Messages:
    12,473
    Location:
    Catskill Mountains, New York
    Display Name:

    Display name:
    Geek On The Hill
    It's always necessary to have a firewall. It's not always necessary to pay for someone to manage it. But if you have a business to run and you don't have full-time IT geeks to do it that stuff for you, you may as well pay the subscription. It's one less thing to worry about.

    Rich